3c768a889c6b42d82f46e5f7ae487c60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c768a889c6b42d82f46e5f7ae487c60_JaffaCakes118
Size

537KB
MD5

3c768a889c6b42d82f46e5f7ae487c60
SHA1

2935a170ad1cfbf36396325129e0fef528f8b6b4
SHA256

e6cbff6efe93be69255aaf1be10731b52f0b91daac5a4da06e0f06f9e870ad5e
SHA512

2c11495e9a97854e3692444ea0957dd8ed8677b87401a03e17544efe07ba0e7c679f0e8a6231b059ce0636ae813e031e1c2032b0906bbfa7188af05f75bcf4ff
SSDEEP

12288:q2OojIaGAkAzB/rHT5MAU00liViYv3c3MpDbHmHU5Z592Uoo:4SIFMB/fqAxuiiYfbGHU5Z59U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c768a889c6b42d82f46e5f7ae487c60_JaffaCakes118

Files

3c768a889c6b42d82f46e5f7ae487c60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75fa6bcc0c1ad7f6ca5978cf2aa5105d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\AXS.PDB

Imports

user32

ShowWindow
FindWindowW
GetTitleBarInfo
LoadIconW
EnumThreadWindows
MapVirtualKeyExW
SetClipboardData
SetMenuItemInfoW
CharLowerBuffW
GetKeyState
GetMenuCheckMarkDimensions
GetProcessDefaultLayout
CreateWindowExA
SetWindowTextA
EqualRect
SetClassLongW
SetMenu
RegisterClassA
SendInput
PackDDElParam
GetInputDesktop
SetWindowsHookW
MessageBoxW
EndTask
DdeSetUserHandle
CharLowerBuffA
UnhookWindowsHookEx
DestroyMenu
RegisterClassExA
BeginPaint

kernel32

GetStartupInfoA
VirtualQuery
GetEnvironmentStringsW
HeapSize
SetLastError
GetStdHandle
ReadFile
GlobalFix
InterlockedDecrement
ExitProcess
IsValidLocale
QueryPerformanceCounter
FreeEnvironmentStringsA
GetStringTypeW
DeleteCriticalSection
InterlockedIncrement
TlsFree
SetFilePointer
IsValidCodePage
HeapReAlloc
VirtualAlloc
LCMapStringW
WritePrivateProfileStringW
TerminateProcess
GetLastError
OpenMutexA
GetCurrentThreadId
HeapAlloc
MultiByteToWideChar
GetCurrentProcessId
GetCurrentThread
SetConsoleCtrlHandler
GetConsoleMode
GetTimeZoneInformation
GetDateFormatA
CreateMutexA
LeaveCriticalSection
FreeLibrary
GetConsoleOutputCP
WriteFile
SetEnvironmentVariableA
CompareStringW
TlsAlloc
TlsSetValue
WideCharToMultiByte
LCMapStringA
HeapFree
GetModuleFileNameA
EnterCriticalSection
GetEnvironmentStrings
CompareStringA
GetCommandLineA
EnumSystemLocalesA
WriteConsoleW
HeapDestroy
SetHandleCount
GetFileType
GetCPInfo
InitializeCriticalSection
FlushFileBuffers
GetLocaleInfoA
WriteConsoleA
GetProcAddress
UnhandledExceptionFilter
GetTimeFormatA
SleepEx
GetProcessHeap
LoadLibraryA
RtlUnwind
FreeEnvironmentStringsW
Sleep
CreateFileA
GetACP
GetOEMCP
EnumDateFormatsA
GetConsoleCP
SetUnhandledExceptionFilter
InterlockedExchange
GetUserDefaultLCID
GetStringTypeA
HeapCreate
VirtualFree
GetTickCount
GetSystemTimeAsFileTime
CloseHandle
IsDebuggerPresent
TlsGetValue
GetVersionExA
GetLocaleInfoW
GetModuleHandleA
SetStdHandle
GetCurrentProcess

wininet

FreeUrlCacheSpaceA
DeleteUrlCacheEntryW

comctl32

InitCommonControlsEx

Sections

.text
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75fa6bcc0c1ad7f6ca5978cf2aa5105d

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

wininet

comctl32

Sections

.text Size: 380KB - Virtual size: 379KB

.rdata Size: 20KB - Virtual size: 31KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 380KB - Virtual size: 379KB

.rdata
Size: 20KB - Virtual size: 31KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 19KB - Virtual size: 19KB